Linux Security: Auditing, Hardening and Compliance

How to keep Lynis up-to-date?

How to keep Lynis up-to-date?

Keeping software like Lynis up-to-date is nowadays very important. More and more vendors implement software development methodologies like agile and scrum, to decrease the time between new software versions. This way software enhancements are easier to implement and possible bugs earlier fixed. It’s up to the user of the software to stay up-to-date and therefore we provide some tips on how to update Lynis easily.

Notifications

Staying up-to-date begins with receiving an update when a new release is available. For Lynis there are several possibilities, so everyone can use it’s preferred method.

Project page

Via Freecode people can subscribe to their favorite open source tools. Lynis has it’s own project page as well. If you have a Freecode account, subscribe to the project.

Download

New releases of Lynis and plugins can be downloaded via the CISOfy website. Before running new software versions, you are advised to check the related SHA1 checksum first. This hash is published on the download page, together with the link to the Lynis version itself.

Packages

When using a Lynis package, it usually takes time before the latest version is available. Depending on the platform you are using, a request for an update can be requested (if it’s really outdated). For example when using FreeBSD, a PR could be created to update the ports tree entry for Lynis.

When using custom build packages, updating might be as simple as altering the version number and rebuilding the package.